Healthcare data breaches can be prevented

A new study finds that healthcare data breaches are increasing, despite growing public awareness, increased security assurances and rising government fines.

The study revealed that 23 percent of all data breaches occur in healthcare and have impacted 155 million Americans in almost 1,500 breaches in the past six years. The total number of breach victims tripled in the last two years alone. The per-record cost for healthcare data breaches in 2017 was $363, the highest of any industry.

Healthcare data, referred to as PHI (Protected Health Information), is more valuable than many other forms of personal identification because information such as birth dates, Social Security and insurance ID numbers don’t change and criminals can charge premium prices on the black market.

According to the study, digitized personal health data increasingly is shared with insurers and other providers, contributing to the likelihood of breaches.

Image result for healthcare data breach ukWith no obvious end in sight, these trends are likely to continue and 2018 has already presented some new security challenges across all industries, including healthcare. They’ve learned that they can no longer operate the way they have in the recent past. Security is becoming a much more integral part of the healthcare system. Healthcare providers need to treat cyber security with the same priority as other departments,” the study said.

It is unrealistic to expect small community hospitals and private practices to provide the resources to combat well-funded and determined criminal organizations intent on breaching their data, particularly when large national banks, retail chains and even the federal government have been hacked.

That still should not prevent hospitals from keeping their systems updated and avoiding the kinds of human errors responsible for most data breaches. Healthcare organizations can adopt better practices, training and policies to prevent lost laptops, misplaced hard drives and employees clicking on suspicious files that contain malware and spyware. They can also bring in outside I.T. Support to determine what technologies and procedures can be beefed up to protect patient records.

Hooks Systems of Wilmington and Myrtle Beach provides a variety of HIPAA compliant security services including managed firewall and perimeter security and complete security assessments.  These assessments provide a comprehensive look at every computing device and every user to identify potential security risks.  Hooks Systems’ network engineers and HIPAA security specialists then present a plan for bring your organization into compliance.

 

Source-Brookings’ Center for Technology Innovation